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5 SMART CARD SECURITY FOR COMPUTER SYSTEM 

6 
7 

8 FIELD OF THE INVENTION 

9 This invention relates generally to the field of computer security. More 
1 0 particularly, this invention relates to a smart card-based computer access system 
W with logging of user activity. 

H 

if BACKGROUND OF THE INVENTION 

111 When personal computers are utilized in a home environment or small office 

f| environment, it is often desirable to impose some measure of security and/or 

|6 parental control over use of the computer. Generally, the security requirements for 

f? such an environment are dramatically less than those for larger business 

|| enterprises and government computer systems. Moreover, the level of 

I|9 sophistication of the user in a home computer environment or small business 

20 computer environment varies greatly, as does the availability of high quality, 

21 responsive technical support. Accordingly, it is desirable that in such environments 

22 the level of security not be so overwhelming as to prevent the owner of the 

23 computer system from being able to overcome the security measures and access 

24 computer information. But, it is equally important that such use be detectable as 

25 a parental oversight or security measure. 
26 

27 SUMMARY OF THE INVENTION 

28 The present invention relates generally to computer security. Objects, 
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1 advantages and features of the invention will become apparent to those skilled in 

2 the art upon consideration of the following detailed description of the invention. 

3 In one embodiment of the present invention a computer security system 

4 utilizes smart cards for computer access. A system for home or small business 

5 use generally is presented in which smart cards are utilized to gain access to 

6 computer functions. The user is presented with a login prompt that permits login 

7 using the smart card. The user is permitted to bypass use of the smart card and 

8 obtain access to the computer system, but such use of the computer system is 

9 logged for review by an administrator. Such an arrangement has the advantage 
1 0 that the user is able to log in without the smart card if need be, but such use can 
t| be detected by an administrator (e.g., a parent). 

% A method of controlling access to a computer system consistent with an 

U3 embodiment of the present invention includes receiving a request to log into the 

fjf computer system; determining if a smart card is being used as a part of a login 

f| protocol to log in to the computer system; if so, permitting use of the computer 

46 system and logging use of the computer system for the user associated with the 

|? smart card; and if not, permitting use of the computer system and logging use of 

% the computer system to an unknown user. 

W Instructions for execution on a programmed processor can be stored in any 

20 suitable computer readable storage medium for carrying out the above method. 

21 A computer system having an access control system consistent with an 

22 embodiment of the present invention has a central processor and a smart card 

23 reader accessible by the central processor. A security program runs on the central 

24 processor that: determines if a smart card is being used as a part of a login 

25 protocol to log in to the computer system; if so, permits use of the computer system 

26 and logs use of the computer system for the user associated with the smart card; 

27 and if not, permits use of the computer system and logs use of the computer 

28 system to an unknown user. 

29 The above summaries are intended to illustrate exemplary embodiments of 

30 the invention, which will be best understood in conjunction with the detailed 
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1 description to follow, and are not intended to limit the scope of the appended 

2 claims. 
3 

4 BRIEF DESCRIPTION OF THE DRAWINGS 

5 The features of the invention believed to be novel are set forth with 

6 particularity in the appended claims. The invention itself however, both as to 

7 organization and method of operation, together with objects and advantages 

8 thereof, may be best understood by reference to the following detailed description 

9 of the invention, which describes certain exemplary embodiments of the invention, 
10 taken in conjunction with the accompanying drawings in which: 

l fg FIGURE 1 is a block diagram showing a computer system suitable for 

ijj implementation of an embodiment of the present security system. 
1$1 FIGURE 2 depicts an exemplary opening screen consistent with one 

1 J? embodiment of the present invention. 

1 P FIGURE 3 depicts an exemplary access administration menu consistent with 

1 §j one embodiment of the present invention. 

W FIGURE 4 depicts an exemplary smart card initialization screen consistent 

1g with one embodiment of the present invention. 

# FIGURE 5 depicts an exemplary program selection window consistent with 

20 one embodiment of the present invention. 

21 FIGURE 6 depicts an exemplary smart card initialization log screen 

22 consistent with one embodiment of the present invention. 

23 FIGURE 7 depicts an exemplary access log screen consistent with one 

24 embodiment of the present invention. 

25 FIGURE 8 depicts an exemplary shut down counter screen consistent with 

26 one embodiment of the present invention. 

27 FIGURE 9 depicts an exemplary access control screen consistent with one 

28 embodiment of the present invention. 
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1 FIGURE 10 is a flow chart of the basic operational flow of an embodiment 

2 consistent with the present invention. 
3 

4 DETAILED DESCRIPTION OF THE INVENTION 

5 In the following detailed description of the present invention, numerous 

6 specific details are set forth in order to provide a thorough understanding of the 

7 present invention. However, it will be recognized by one skilled in the art that the 

8 present invention may be practiced without these specific details or with 

9 equivalents thereof. In other instances, well known methods, procedures, 
1 0 components, and circuits have not been described in detail as not to unnecessarily 
1r| obscure aspects of the present invention. 

if 

t§ NOTATION AND NOMENCLATURE 

til Some portions of the detailed descriptions which follow are presented in 

H terms of procedures, steps, logic blocks, processing, and other symbolic 

i§ representations of operations on data bits that can be performed on computer 

ft memory. These descriptions and representations are the means used by those 

jf skilled in the data processing arts to most effectively convey the substance of their 

tt work to others skilled in the art. A procedure, computer executed step, logic block, 

20 process, etc., is here, and generally, conceived to be a self-consistent sequence 

21 of steps or instructions leading to a desired result. The steps are those requiring 

22 physical manipulations of physical quantities. 

23 Usually, though not necessarily, these quantities take the form of electrical 

24 or magnetic signals capable of being stored, transferred, combined, compared, and 

25 otherwise manipulated in a computer system. It has proven convenient at times, 

26 principally for reasons of common usage, to refer to these signals as bits, values, 

27 elements, symbols, characters, terms, numbers, or the like. 

28 It should be borne in mind, however, that all of these and similar terms are 

29 to be associated with the appropriate physical quantities and are merely convenient 
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1 labels applied to these quantities. Unless specifically stated otherwise as apparent 

2 from the following discussions, it is appreciated that throughout the present 

3 invention, discussions utilizing terms such as "processing" or "computing" or 

4 "timing" or "presenting" or "determining" or "logging" or "displaying" or "permitting" 

5 or the like, refer to the action and processes of a computer system, or similar 

6 electronic computing device, that manipulates and transforms data represented as 

7 physical (electronic) quantities within the computer system's registers and 

8 memories into other data similarly represented as physical quantities within the 

9 computer system memories or registers or other such information storage, 
1 0 transmission or display devices. 

{§ SMART CARD SECURITY FOR COMPUTER SYSTEM IN ACCORDANCE WITH 

f§ THE INVENTION 

fH While this invention is susceptible of embodiment in many different forms, 

ft there is shown in the drawings and wilJ herein be described in detail specific 

16 embodiments, with the understanding that the present disclosure is to be 

If considered as an example of the principles of the invention and not intended to limit 

J]8 the invention to the specific embodiments shown and described. In the description 

pP9 below, like reference numerals are used to describe the same, similar or 

20 corresponding parts in the several views of the drawings. 

21 A computer system suitable for implementing the present invention is 

22 depicted in FIGURE 1 as 1 00. Computer system 1 00 includes a central processor 

23 unit (CPU) 1 0 with an associated bus 1 5 used to connect the central processor unit 

24 10 to Random Access Memory 20 and Non-Volatile Memory 30 in a known 

25 manner. An output mechanism at 40 may be provided in order to display or print 

26 output for the computer administrator. Similarly, input devices such as keyboard 

27 and mouse 50 may be provided for the input of information from the computer 

28 administrator. Computer 100 also may include disc storage 60 for storing large 

29 amounts of information as required. Computer system 100 may be coupled to a 
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1 computer network using a network connection 70 such as an Ethernet adapter. 

2 System 100 may also include a modem or other access device (not shown) for 

3 connection to the Internet. In accordance with the present invention, computer 1 00 

4 also has a smart card reader 80, either as an internal or externally connected 

5 device, that reads smart cards as an access control mechanism. In addition to the 

6 components shown, the computer system 100 may also be connected to various 

7 other printing, scanning and communication devices. 

8 Smart card reader 80 reads smart card devices which are generally credit 

9 card type devices incorporating some form of computer readable storage device 
1 0 and, preferably, a computer processor. However, for purposes of this invention, a 
©1 smart card may be considered to be any form of identification device that can be 
jfc readily carried by the user and contains computer readable information storage 
ft media that can be adapted to the computer security methods and apparatus 
1114 described herein. 

jj5 The computer system 1 00 operates in conjunction with an operating system 

t|6 such as one of the Windows™ operating systems available from Microsoft, Corp., 

©7 Redmond, WA., to permit users to carry out various operations including word 

:J8 processing, database operations, games, etc. The present invention is carried out 

9 in a security program operating in conjunction with, or as a part of, the operating 

20 system. Computer readable instructions for carrying out the processes of the 

21 present invention can be stored on the disc storage 60 or any other suitable 

22 computer readable storage medium. 

23 In a home computer system incorporating a computing device such as that 

24 illustrated as computer system 1 00 of FIGURE 1 , it may be desirable to exercise 

25 security measures and parental control utilizing a smart card device in a manner 

26 which provides oversight and restricted access without overwhelming the users. 

27 When computer system 100 is booted, in accordance with an embodiment 

28 of the present invention, and there is no user logged into the computer system, the 

29 computer system may present a screen image similar to exemplary image 200 of 

30 FIGURE 2. Image 200 includes a window 1 04 that welcomes the user to log in by 
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inserting a smart card in smart card reader 80. Once the user has inserted the 
smart card into smart card reader 80, the "OK" button 108 is selected or pointed to 
with cursor or pointer 112 and the user clicks a mouse button to log in. At this 
point, a login is conducted by the computer system CPU, by using a suitable login 
protocol including reading the information on the smart card using smart card 
reader 80. The user identified by the smart card inserted into smart card reader 80 
is then permitted access to the computer resources in accordance with whatever 
access privileges have been designated for the user of the smart card. 

In accordance with a feature of embodiments of the present invention, a user 
without a smart card or who has lost his smart card may still log into the computer 
system by first checking the bypass box 120 and then selecting the "OK" button 
J 08. This permits the user to still access the computer without a smart card, but 
^creates a log of that use that can be inspected and investigated if necessary by the 
§iuser that administers use of the smart cards and the computer system. In this 
pjmanner, a user is never prohibited access to the computer system, but access to 
Mhe computer system without use of the smart card is logged and can therefore be 
^investigated. By way of example, in a family computer system, with the family 
^consisting of two parents and a child, use of the computer system by the child 
□without his or her smart card will appear in an access log as an unknown user. 
The parents can readily determine, in general, which of the three approved users 
have accessed the computer system without the smart card. Appropriate 
measures can then be taken to address any parental issues arising from a child 
making unauthorized use of the computer. Thus, the present invention provides for 
a measure of parental control over a child's use of the computer. 

In accordance with an embodiment of the invention, an icon 130 may appear 
on the computer screen either in the working area of the computer screen, the 
control area of the computer screen 136 or on a control bar 142 of the computer 
screen that can be used after logging in to access various features of the smart 
card and access administration in accordance with the present invention. In one 
embodiment, icon 130 is also used as an alert to bring to the attention of the 
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1 administrator that a bypassed access to the computer system has taken place. In 

2 this embodiment, a visual attribute of the icon 130 may be modified to alert the 

3 computer administrator to the fact that the computer has been accessed by a 

4 bypass. In one embodiment, the colors of icon 1 30 can be changed or other visual 

5 attributes about the icon can change. Other examples of changing visual attributes 

6 of icon 1 30 include animating the icon or causing the icon to flash. Those skilled 

7 in the art will appreciate that this is actually accomplished not by changing the 

8 attribute of the icon itself but by substituting a different icon file for the normal icon 

9 file. Similarly, flashing icons or moving GIF icons can be utilized to bring a 
1 0 bypassed login to the attention of the administrator. 

1 jj In accordance with one embodiment of the present invention, after the user 

1$ has logged in with a smart card, and the system determines that the user has 

Iff administrative rights, the user may select icon 130 or select to administer access 

1fj rights from a program menu (or using any other conventional mechanism for 

fS launching a program) can obtain a menu of access administration features at an 

IB access administration menu 300 as illustrated in FIGURE 3. This exemplary menu 

# gives the user the choice of initializing a smart card at 204, viewing the smart card 

IJ log at 208, viewing an access log for determining which users have accessed the 

§=§ computer system at 2 1 2, entering an access control menu at 21 6 or exiting at 220. 

20 Launching any of these activities is accomplished by pointing to the selection with 

21 pointer 112 and clicking, or striking the first character of the menu selection from 

22 the keyboard in a conventional manner. In the case of selections 204, 208, 212 

23 and 216, the arrow heads to the right of the selection indicate that a new window 

24 will appear when that item is selected. 

25 If the user elects to initialize a smart card (or otherwise adjust the 

26 administration of a smart card) by selecting menu selection 204, the user is taken 

27 to the smart card initialization window 400. This window may include a name 

28 identification region 304 where the administrator types the name of the user. In 

29 region 308, the administrator can determine some of the users rights, such as the 

30 users right to initialize the smart card, clear a log, disable access control and turn 
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1 off (reset) the bypass alert indicator (i.e., the flashing icon 130.) In addition, the [ 

2 user can determine whether unrestricted access is permitted or whether controls j 

3 over access times and programs are to be instituted. If the administrator selects i 

4 "allow access only:", the user then fills in a time range in region 310 during which 

5 the new user is permitted access to the computer system. The administrator can 

6 also determine that the user is permitted to access all programs at 314 or a 

7 restricted set of programs at 31 8 that are selected from a list. 

8 FIGURE 5 illustrates an exemplary program selection list 500 used to select | 

9 from available executable programs those which the current user is permitted to 
1 CL access. Window 500 appears when selection 31 8 is selected and the user scrolls 
1 p through a list of programs that can be selected by pointer 112 and a mouse button 

I j§ to determine which programs the user is permitted to access. When the 
lftj administrator clicks the "OK" button 420, the user returns to window 400. When 
W the process is completed, the administrator clicks the "OK" button 330 and is led 
1B through a sequence of steps to program the smart card. For example, the user will 
t| then receive a window instructing the user to insert a new smart card into smart 

II card reader 80, the smart card is then programmed by the computer and the user 
H may be instructed to remove the smart card and replace it with his or her own 
t§ smart card. Thus, a smart card can be initialized or reprogrammed using the 

20 initialized smart card selection 204 of menu 300. 

21 When a user with administration privileges wishes to see the smart card log, 

22 selection 208 is selected from menu 300 and the administrator is taken to 

23 exemplary window 600 of FIGURE 6. This window shows a list of all activity in 

24 initializing or modifying or revoking a smart card. The administrator can select any 

25 of the users listed on the smart card initialization log by placing the pointer 1 12 over 

26 the users log entry and clicking the mouse. This takes the user to a screen that 

27 details the rights associated with that user and/or changes that were made in the 

28 particular log entry. Log entries can be scrolled for viewing larger numbers of log 
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1 entries in a conventional manner. When the user wishes to return to the access 

2 administration menu 300 the "Exit" button 510 is operated. 

3 If the user wishes to view the access log, selection 212 is made from the 

4 access administration menu 300. This results in window 700 of FIGURE 7 being 

5 displayed on the computer system display. This access log provides a listing of all 
' 6 times and users that have accessed the computer system. Whenever a user logs 

7 in using their smart card, an entry such as 608 is created. Entry 608 shows that a 

8 user named Joe accessed the computer system from 4:37pm to 5:35pm on 

9 04/16/2001. In certain embodiments of the invention, by clicking on the log entry 
10 using pointer 112 and the mouse button, more detailed information may be 
tS available such as what programs were accessed during this time period. In other 
|j embodiments, only a log of use of the computer in some manner is provided. • 
t| Whenever the computer is accessed without using the smart card by selecting by 
fs| selecting bypass selection 120 as illustrated in FIGURE 2, an entry such as 616 is 
t§ created to show that a bypassed access to the computer system occurred between 
|f 9:22pm and 9:58pm on 04/1 5/2001 . In this event, the entry is logged as bypassed 
ft which indicates that the user is unknown to the computer system but the entry was 
p made without benefit of a smart card. 

jTfJ If a user has administrative privileges that permit disabling the access 

20 control, the disabling and re-enabling of the access control is also logged as shown 

21 by an entry stating that the system was disabled such as 620 and enabled such as 

22 630. During the time period that the access control was disabled, the system 

23 continues to log uses of the computer as unnamed users as illustrated by entries 

24 634 and 638. When the administrator wishes to leave the access log, this is 

25 accomplished by clicking the "Exit" button 650. If the user selects access control 

26 selection 21 6 from menu 300 of FIGURE 3, and the user has privileges for access 

27 control; the user is taken to menu 800 of FIGURE 8. In this menu, the user can 

28 elect to either enable the smart card access control or disable it. The user can then 

29 return to the access administration menu 300 by selection of "OK" button 710. 
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1 Selection 220 from access administration menu 300 of FIGURE 3 exits the access 

2 administration menu. 

3 In order to assure that a single user does not simply login and leave the 

4 computer unattended for large periods of time permitting uncontrolled access to the 

5 computer, a timer is set whenever a user logs in. This timer can be, for example, 

6 a 10-minute timer, but this is not to be limiting. In this example, when there has 

7 been no screen activity for a period of time (e.g. 5 minutes) a shut down warning 

8 message such as message 900 of FIGURE 9 appears on the screen to warn the 

9 user that he will be automatically logged out in 5 minutes. The window then may 
1 0 count down the time until the log out will occur. At the end of the count down, an 
1 13 automatic log out procedure is carried out including closing down all currently 
1^1 opened files and programs to prevent malfunctioning of those programs the next 

time they are used. In order to regain access to the computer system, the user 

1 411 simply logs in again as illustrated in FIGURE 2. 

1 H Whenever the icon 1 30 indicates that a bypassed login has taken place, a 

1 & user with the privilege of turning off the bypass alert can observe that a bypassed 

1fl login has taken place and can turn off the alert in any number of manners. For 

1|: example, the art of logging in itself may be used to turn off the bypass alert. In 

iff other examples, an authorized user can click on icon 130 and before being 

20 presented with an access administration window 300 can be given the option to 

21 turn off the bypass alert. In other embodiments, using a second button on the 

22 mouse to click on icon 1 30 can give the option of turning off the alert. Those skilled 

23 in the art will appreciate many mechanisms for accomplishing the turning off of the 

24 bypass alert. Similarly, users that are permitted to clear a log may do so using 

25 similar techniques such as invoking a menu from the log window in some manner 

26 or invoking a window from an icon or program control menu. Those skilled in the 

27 art will appreciate that the specific manner of operation illustrated should not be 

28 considered limiting since many other mechanisms for access control consistent 
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1 with the present invention can be utilized and such techniques are considered 

2 implementation details for purposes of this discussion. 

3 Referring nowto FIGURE 10, a process 1000 is illustrated starting at 902 for 

4 the basic operation of the present access control system. In accordance with 

5 process 1 000, the system first presents a login screen 200 to the user at 904. If 

6 bypass is not selected from this login screen at 908, the system inspects the smart 

7 card in the system for the user attempting to login and determines what that users 

8 access restrictions are at 91 2. Access restrictions may include time of day or other 

9 access restrictions. If those access restrictions are met at 912, then the user is 
1 0 logged in and that login activity is logged under the user name at 916. The system 
iff then permits the login at 920 in accordance with any restrictions associated with 
[p the user. At 922 the timer is set for timing inactivity of the computers user. 

Jfi3 In the event the user is permitted to clear an access alert, in one 

§4 embodiment the user is presented with the option of clearing that alert at 924. If 

Jfe the user is enabled to clear that alert and elects to do so, the alert is cleared at 928. 

46 Otherwise, the clearing of the alert at 928 is bypassed and the user is permitted 

ft7 access to programs residing on the computer at 932 in accordance with restrictions 

;|8 defined for that particular user smart card. 

CP9 During the conventional program access at 932, the timer is periodically 

20 inspected to determine if a time out has occurred at 940. If so, the user is 

21 presented with a shutdown screen 900 at 944 and if no activity occurs at 948 the 

22 automatic shutdown is carried out at 952. Also, if the user initiates a shutdown or 

23 logout at 956 control passes to 952 where programs and data are saved to prevent 

24 loss of information or malfunction as previously described. In the event activity 

25 occurs (e.g. , keyboard or mouse activity) at 948 the timer is reset at 954 and control 

26 returns to 940. During the timer activity, the user can simultaneously carry out 

27 other computer functions with the timing taking place in the background. 

28 In the event at 908, the user chooses to login by bypassing use of the smart 

29 card, that use is logged at 960 as a bypassed user (i.e. , an unnamed user) and the 
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1 login is permitted at 964. At 968 the bypass alert is turned on and the timer is set 

2 at 972. Control then passes to 940 to determine if a time out has occurred. 

3 In the event access restrictions are not met at 912, the user is prohibited 

4 access at 974 and denial of access is logged in the access log 700. A screen is 

5 presented to the user indicating that access has been denied at 980 and then the 

6 login screen 200 is presented again at 904. Those skilled in the art will appreciate 

7 that many variations on this process are possible and that this process is only 

8 presented as an overview of the general workings of the current invention with 

9 further details being considered implementation 

1 0 Those skilled in the art will recognize that the present invention has been 

1 described in terms of exemplary embodiments based upon use of a programmed 

1|| processor. However, the invention should not be so limited, since the present 

130 invention could be implemented using hardware component equivalents such as 

1§j special purpose hardware and/or dedicated processors which are equivalents to 

1f| the invention as described and claimed. Similarly, general purpose computers, 

10 microprocessor based computers, micro-controllers, optical computers, analog 

15 computers, dedicated processors and/or dedicated hard wired logic may be used 

1 J to construct alternative equivalent embodiments of the present invention. 

W Those skilled in the art will appreciate that the program steps used to 

20 implement the embodiments described above can be implemented using disc 

21 storage as well as other forms of storage including Read Only Memory (ROM) 

22 devices, Random Access Memory (RAM) devices; optical storage elements, 

23 magnetic storage elements, magneto-optical storage elements, flash memory, core 

24 memory and/or other equivalent storage technologies without departing from the 

25 present invention. Such alternative storage devices should be considered 

26 equivalents. 

27 The present invention is preferably implemented using a programmed 

28 processor executing programming instructions that are broadly described above in 

29 flow chart form, and that can be stored in any suitable electronic storage medium 

30 or that can be transmitted over any electronic communication medium. However, 
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1 those skilled in the art will appreciate that the processes described above can be 

2 implemented in any number of variations and in many suitable programming 

3 languages without departing from the present invention. For example, the order of 

4 certain operations carried out can often be varied, and additional operations can be 

5 added without' departing from the invention. Error trapping can be added and/or 

6 enhanced and variations can be made in user interface and information 

7 presentation without departing from the present invention. Such variations are 

8 contemplated and considered equivalent. 

9 While the invention has been described in conjunction with specific 
1 0 embodiments, it is evident that many alternatives, modifications, permutations and 
1 % variations will become apparent to those skilled in the art in light of the foregoing 
12| description. Accordingly, it is intended that the present invention embrace all such . 
1 33 alternatives, modifications and variations as fall within the scope of the appended 

claims. 

Iff What is claimed is: 

16 
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